#!/usr/bin/perl -T
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# This Source Code Form is "Incompatible With Secondary Licenses", as
# defined by the Mozilla Public License, v. 2.0.

use 5.14.0;
use strict;
use warnings;

use lib qw(. lib local/lib/perl5);

use Bugzilla;
use Bugzilla::BugMail;
use Bugzilla::Constants;
use Bugzilla::Mailer;
use Bugzilla::Search;
use Bugzilla::Util;
use Bugzilla::Error;
use Bugzilla::User;
use Bugzilla::User::APIKey;
use Bugzilla::User::Setting qw(clear_settings_cache);
use Bugzilla::Token;

my $template = Bugzilla->template;
local our $vars = {};

###############################################################################
# Each panel has two functions - panel Foo has a DoFoo, to get the data
# necessary for displaying the panel, and a SaveFoo, to save the panel's
# contents from the form data (if appropriate).
# SaveFoo may be called before DoFoo.
###############################################################################
sub DoAccount {
  my $dbh  = Bugzilla->dbh;
  my $user = Bugzilla->user;

  if (Bugzilla->params->{'allowemailchange'}
    && $user->authorizer->can_change_email)
  {
    # First delete old tokens.
    Bugzilla::Token::CleanTokenTable();

    my @token = $dbh->selectrow_array(
          "SELECT tokentype, "
        . $dbh->sql_date_math('issuedate', '+', MAX_TOKEN_AGE, 'DAY')
        . ", eventdata
               FROM tokens
              WHERE userid = ?
                AND tokentype LIKE 'email%'
           ORDER BY tokentype ASC " . $dbh->sql_limit(1), undef, $user->id
    );
    if (scalar(@token) > 0) {
      my ($tokentype, $change_date, $eventdata) = @token;
      $vars->{'email_change_date'} = $change_date;

      if ($tokentype eq 'emailnew') {
        my ($oldemail, $newemail) = split(/:/, $eventdata);
        $vars->{'new_email'} = $newemail;
      }
    }
  }
}

sub SaveAccount {
  my $cgi = Bugzilla->cgi;
  my $dbh = Bugzilla->dbh;

  $dbh->bz_start_transaction;

  my $user = Bugzilla->user;

  my $oldpassword = $cgi->param('old_password');
  my $verified_password;
  my $pwd1      = $cgi->param('new_password1');
  my $pwd2      = $cgi->param('new_password2');
  my $new_login = clean_text(scalar $cgi->param('new_login'));
  my $new_email = clean_text(scalar $cgi->param('new_email'));

  if ($user->authorizer->can_change_password && ($pwd1 ne "" || $pwd2 ne "")) {
    $user->check_current_password($oldpassword);
    $verified_password = 1;

    $pwd1 || ThrowUserError("new_password_missing");
    validate_password($pwd1, $pwd2);

    if ($oldpassword ne $pwd1) {
      $user->set_password($pwd1);

      # Invalidate all logins except for the current one
      Bugzilla->logout(LOGOUT_KEEP_CURRENT);
    }
  }

  # This is used only if email and login are separate
  if ( $user->authorizer->can_change_login
    && !Bugzilla->params->{"use_email_as_login"}
    && $new_login
    && $user->login ne $new_login)
  {
    $verified_password || $user->check_current_password($oldpassword);

    if ($new_login =~ /@/ && $new_login ne $user->email) {
      ThrowUserError("login_at_sign_disallowed");
    }

    if (Bugzilla::Token::HasEmailChangeToken($user->id)) {
      ThrowUserError("login_change_during_email_change");
    }

    $user->set_login($new_login);
  }

  # This is used for the single value if use_email_as_login is true, or for
  # the email address otherwise.
  if ( $user->authorizer->can_change_email
    && Bugzilla->params->{"allowemailchange"}
    && $new_email
    && $user->email ne $new_email)
  {
    $verified_password || $user->check_current_password($oldpassword);

    # Block multiple email changes for the same user.
    if (Bugzilla::Token::HasEmailChangeToken($user->id)) {
      ThrowUserError("email_change_in_progress");
    }

    # Before changing to an email address, confirm it does not exist.
    $user->check_email($new_email);

    $vars->{'email_token'} = Bugzilla::Token::IssueEmailChangeToken($new_email);
    $vars->{'email_changes_saved'} = 1;
  }
  $user->set_name(scalar $cgi->param('realname'));
  $user->update({keep_session => 1, keep_tokens => 1});
  $dbh->bz_commit_transaction;
}


sub DoSettings {
  my $user = Bugzilla->user;

  my $settings = $user->settings;
  $vars->{'settings'} = $settings;

  my @setting_list = sort keys %$settings;
  $vars->{'setting_names'} = \@setting_list;

  $vars->{'has_settings_enabled'} = 0;

  # Is there at least one user setting enabled?
  foreach my $setting_name (@setting_list) {
    if ($settings->{"$setting_name"}->{'is_enabled'}) {
      $vars->{'has_settings_enabled'} = 1;
      last;
    }
  }
  $vars->{'dont_show_button'} = !$vars->{'has_settings_enabled'};
}

sub SaveSettings {
  my $cgi  = Bugzilla->cgi;
  my $user = Bugzilla->user;

  my $settings     = $user->settings;
  my @setting_list = keys %$settings;

  foreach my $name (@setting_list) {
    next if !($settings->{$name}->{'is_enabled'});
    my $value = $cgi->param($name);
    next unless defined $value;
    my $setting = new Bugzilla::User::Setting($name);

    if ($value eq "${name}-isdefault") {
      if (!$settings->{$name}->{'is_default'}) {
        $settings->{$name}->reset_to_default;
      }
    }
    else {
      $setting->validate_value($value);
      $settings->{$name}->set($value);
    }
  }
  $vars->{'settings'} = $user->settings(1);
  clear_settings_cache($user->id);
}

sub DoEmail {
  my $dbh  = Bugzilla->dbh;
  my $user = Bugzilla->user;

  ###########################################################################
  # User watching
  ###########################################################################
  my $watched_ref = $dbh->selectcol_arrayref(
    "SELECT profiles.login_name FROM watch INNER JOIN profiles"
      . " ON watch.watched = profiles.userid"
      . " WHERE watcher = ?"
      . " ORDER BY profiles.login_name",
    undef, $user->id
  );
  $vars->{'watchedusers'} = $watched_ref;

  my $watcher_ids
    = $dbh->selectcol_arrayref("SELECT watcher FROM watch WHERE watched = ?",
    undef, $user->id);

  my @watchers;
  foreach my $watcher_id (@$watcher_ids) {
    my $watcher = new Bugzilla::User($watcher_id);
    push(@watchers, Bugzilla::User::identity($watcher));
  }

  @watchers = sort { lc($a) cmp lc($b) } @watchers;
  $vars->{'watchers'} = \@watchers;
}

sub SaveEmail {
  my $dbh  = Bugzilla->dbh;
  my $cgi  = Bugzilla->cgi;
  my $user = Bugzilla->user;

  Bugzilla::User::match_field({'new_watchedusers' => {'type' => 'multi'}});

  ###########################################################################
  # Role-based preferences
  ###########################################################################
  $dbh->bz_start_transaction();

  my $sth_insert = $dbh->prepare(
    'INSERT INTO email_setting
                                    (user_id, relationship, event) VALUES (?, ?, ?)'
  );

  my $sth_delete = $dbh->prepare(
    'DELETE FROM email_setting
                                    WHERE user_id = ? AND relationship = ? AND event = ?'
  );

  # Load current email preferences into memory before updating them.
  my $settings = $user->mail_settings;

  # Update the table - first, with normal events in the
  # relationship/event matrix.
  my %relationships = Bugzilla::BugMail::relationships();
  foreach my $rel (keys %relationships) {
    next if ($rel == REL_QA && !Bugzilla->params->{'useqacontact'});

    # Positive events: a ticked box means "send me mail."
    foreach my $event (POS_EVENTS) {
      my $is_set = $cgi->param("email-$rel-$event");
      if ($is_set xor $settings->{$rel}{$event}) {
        if ($is_set) {
          $sth_insert->execute($user->id, $rel, $event);
        }
        else {
          $sth_delete->execute($user->id, $rel, $event);
        }
      }
    }

    # Negative events: a ticked box means "don't send me mail."
    foreach my $event (NEG_EVENTS) {
      my $is_set = $cgi->param("neg-email-$rel-$event");
      if (!$is_set xor $settings->{$rel}{$event}) {
        if (!$is_set) {
          $sth_insert->execute($user->id, $rel, $event);
        }
        else {
          $sth_delete->execute($user->id, $rel, $event);
        }
      }
    }
  }

  # Global positive events: a ticked box means "send me mail."
  foreach my $event (GLOBAL_EVENTS) {
    my $is_set = $cgi->param("email-" . REL_ANY . "-$event");
    if ($is_set xor $settings->{+REL_ANY}{$event}) {
      if ($is_set) {
        $sth_insert->execute($user->id, REL_ANY, $event);
      }
      else {
        $sth_delete->execute($user->id, REL_ANY, $event);
      }
    }
  }

  $dbh->bz_commit_transaction();

  # We have to clear the cache about email preferences.
  delete $user->{'mail_settings'};

  ###########################################################################
  # User watching
  ###########################################################################
  if ( defined $cgi->param('new_watchedusers')
    || defined $cgi->param('remove_watched_users'))
  {
    $dbh->bz_start_transaction();

    # Use this to protect error messages on duplicate submissions
    my $old_watch_ids
      = $dbh->selectcol_arrayref("SELECT watched FROM watch" . " WHERE watcher = ?",
      undef, $user->id);

    # The new information given to us by the user.
    my $new_watched_users = join(',', $cgi->param('new_watchedusers')) || '';
    my @new_watch_names = split(/[,\s]+/, $new_watched_users);
    my %new_watch_ids;

    foreach my $username (@new_watch_names) {
      my $watched_userid = login_to_id(trim($username), THROW_ERROR);
      $new_watch_ids{$watched_userid} = 1;
    }

    # Add people who were added.
    my $insert_sth
      = $dbh->prepare('INSERT INTO watch (watched, watcher)' . ' VALUES (?, ?)');
    foreach my $add_me (keys(%new_watch_ids)) {
      next if grep($_ == $add_me, @$old_watch_ids);
      $insert_sth->execute($add_me, $user->id);
    }

    if (defined $cgi->param('remove_watched_users')) {
      my @removed = $cgi->multi_param('watched_by_you');

      # Remove people who were removed.
      my $delete_sth
        = $dbh->prepare('DELETE FROM watch WHERE watched = ?' . ' AND watcher = ?');

      my %remove_watch_ids;
      foreach my $username (@removed) {
        my $watched_userid = login_to_id(trim($username), THROW_ERROR);
        $remove_watch_ids{$watched_userid} = 1;
      }
      foreach my $remove_me (keys(%remove_watch_ids)) {
        $delete_sth->execute($remove_me, $user->id);
      }
    }

    $dbh->bz_commit_transaction();
  }

  ###########################################################################
  # Ignore Bugs
  ###########################################################################
  my %ignored_bugs = map { $_->{'id'} => 1 } @{$user->bugs_ignored};

  # Validate the new bugs to ignore by checking that they exist and also
  # if the user gave an alias
  my @add_ignored = split(/[\s,]+/, $cgi->param('add_ignored_bugs'));
  @add_ignored = map { Bugzilla::Bug->check($_)->id } @add_ignored;
  map { $ignored_bugs{$_} = 1 } @add_ignored;

  # Remove any bug ids the user no longer wants to ignore
  foreach my $key (grep(/^remove_ignored_bug_/, $cgi->multi_param())) {
    my ($bug_id) = $key =~ /(\d+)$/a;
    delete $ignored_bugs{$bug_id};
  }

  # Update the database with any changes made
  my ($removed, $added)
    = diff_arrays([map { $_->{'id'} } @{$user->bugs_ignored}],
    [keys %ignored_bugs]);

  if (scalar @$removed || scalar @$added) {
    $dbh->bz_start_transaction();

    if (scalar @$removed) {
      $dbh->do(
        'DELETE FROM email_bug_ignore WHERE user_id = ? AND '
          . $dbh->sql_in('bug_id', $removed),
        undef, $user->id
      );
    }
    if (scalar @$added) {
      my $sth = $dbh->prepare(
        'INSERT INTO email_bug_ignore
                                     (user_id, bug_id) VALUES (?, ?)'
      );
      $sth->execute($user->id, $_) foreach @$added;
    }

    # Reset the cache of ignored bugs if the list changed.
    delete $user->{bugs_ignored};

    $dbh->bz_commit_transaction();
  }
}


sub DoPermissions {
  my $dbh  = Bugzilla->dbh;
  my $user = Bugzilla->user;
  my (@has_bits, @set_bits);

  my $groups
    = $dbh->selectall_arrayref(
        "SELECT DISTINCT name, description FROM groups WHERE id IN ("
      . $user->groups_as_string
      . ") ORDER BY name");
  foreach my $group (@$groups) {
    my ($nam, $desc) = @$group;
    push(@has_bits, {"desc" => $desc, "name" => $nam});
  }
  $groups = $dbh->selectall_arrayref(
    'SELECT DISTINCT id, name, description
                                          FROM groups
                                         ORDER BY name'
  );
  foreach my $group (@$groups) {
    my ($group_id, $nam, $desc) = @$group;
    if ($user->can_bless($group_id)) {
      push(@set_bits, {"desc" => $desc, "name" => $nam});
    }
  }

  # If the user has product specific privileges, inform them about that.
  foreach my $privs (PER_PRODUCT_PRIVILEGES) {
    next if $user->in_group($privs);
    $vars->{"local_$privs"} = $user->get_products_by_permission($privs);
  }

  $vars->{'has_bits'} = \@has_bits;
  $vars->{'set_bits'} = \@set_bits;
}

# No SavePermissions() because this panel has no changeable fields.


sub DoSavedSearches {
  my $dbh  = Bugzilla->dbh;
  my $user = Bugzilla->user;

  if ($user->queryshare_groups_as_string) {
    $vars->{'queryshare_groups'}
      = Bugzilla::Group->new_from_list($user->queryshare_groups);
  }
  $vars->{'bless_group_ids'} = [map { $_->id } @{$user->bless_groups}];
}

sub SaveSavedSearches {
  my $cgi  = Bugzilla->cgi;
  my $dbh  = Bugzilla->dbh;
  my $user = Bugzilla->user;

  # We'll need this in a loop, so do the call once.
  my $user_id = $user->id;

  my $sth_insert_nl = $dbh->prepare(
    'INSERT INTO namedqueries_link_in_footer
                                       (namedquery_id, user_id)
                                       VALUES (?, ?)'
  );
  my $sth_delete_nl = $dbh->prepare(
    'DELETE FROM namedqueries_link_in_footer
                                             WHERE namedquery_id = ?
                                               AND user_id = ?'
  );
  my $sth_insert_ngm = $dbh->prepare(
    'INSERT INTO namedquery_group_map
                                        (namedquery_id, group_id)
                                        VALUES (?, ?)'
  );
  my $sth_update_ngm = $dbh->prepare(
    'UPDATE namedquery_group_map
                                           SET group_id = ?
                                         WHERE namedquery_id = ?'
  );
  my $sth_delete_ngm = $dbh->prepare(
    'DELETE FROM namedquery_group_map
                                              WHERE namedquery_id = ?'
  );

  # Update namedqueries_link_in_footer for this user.
  foreach my $q (@{$user->queries}, @{$user->queries_available}) {
    if (defined $cgi->param("link_in_footer_" . $q->id)) {
      $sth_insert_nl->execute($q->id, $user_id) if !$q->link_in_footer;
    }
    else {
      $sth_delete_nl->execute($q->id, $user_id) if $q->link_in_footer;
    }
  }

  # For user's own queries, update namedquery_group_map.
  foreach my $q (@{$user->queries}) {
    my $group_id;

    if ($user->in_group(Bugzilla->params->{'querysharegroup'})) {
      $group_id = $cgi->param("share_" . $q->id) || '';
    }

    if ($group_id) {

      # Don't allow the user to share queries with groups they're not
      # allowed to.
      next unless grep($_ eq $group_id, @{$user->queryshare_groups});

      # $group_id is now definitely a valid ID of a group the
      # user can share queries with, so we can trick_taint.
      detaint_natural($group_id);
      if ($q->shared_with_group) {
        $sth_update_ngm->execute($group_id, $q->id);
      }
      else {
        $sth_insert_ngm->execute($q->id, $group_id);
      }

      # If we're sharing our query with a group we can bless, we
      # have the ability to add link to our search to the footer of
      # direct group members automatically.
      if ($user->can_bless($group_id) && $cgi->param('force_' . $q->id)) {
        my $group   = new Bugzilla::Group($group_id);
        my $members = $group->members_non_inherited;
        foreach my $member (@$members) {
          next if $member->id == $user->id;
          $sth_insert_nl->execute($q->id, $member->id) if !$q->link_in_footer($member);
        }
      }
    }
    else {
      # They have unshared that query.
      if ($q->shared_with_group) {
        $sth_delete_ngm->execute($q->id);
      }

      # Don't remove namedqueries_link_in_footer entries for users
      # subscribing to the shared query. The idea is that they will
      # probably want to be subscribers again should the sharing
      # user choose to share the query again.
    }
  }

  $user->flush_queries_cache;

  # Update profiles.mybugslink.
  my $showmybugslink = defined($cgi->param("showmybugslink")) ? 1 : 0;
  $dbh->do("UPDATE profiles SET mybugslink = ? WHERE userid = ?",
    undef, ($showmybugslink, $user->id));
  $user->{'showmybugslink'} = $showmybugslink;
  Bugzilla->memcached->clear({table => 'profiles', id => $user->id});
}


sub DoApiKey {
  my $user = Bugzilla->user;

  my $api_keys = Bugzilla::User::APIKey->match({user_id => $user->id});
  $vars->{api_keys} = $api_keys;
  $vars->{any_revoked} = grep { $_->revoked } @$api_keys;
}

sub SaveApiKey {
  my $cgi  = Bugzilla->cgi;
  my $dbh  = Bugzilla->dbh;
  my $user = Bugzilla->user;

  # Do it in a transaction.
  $dbh->bz_start_transaction;

  # Update any existing keys
  my $api_keys = Bugzilla::User::APIKey->match({user_id => $user->id});
  foreach my $api_key (@$api_keys) {
    my $description = $cgi->param('description_' . $api_key->id);
    my $revoked     = $cgi->param('revoked_' . $api_key->id);

    if ($description ne $api_key->description || $revoked != $api_key->revoked) {
      $api_key->set_all({description => $description, revoked => $revoked,});
      $api_key->update();
    }
  }

  # Create a new API key if requested.
  if ($cgi->param('new_key')) {
    $vars->{new_key}
      = Bugzilla::User::APIKey->create({
      user_id => $user->id, description => scalar $cgi->param('new_description'),
      });

    # As a security precaution, we always sent out an e-mail when
    # an API key is created
    my $template = Bugzilla->template_inner($user->setting('lang'));
    my $message;
    $template->process('email/new-api-key.txt.tmpl', $vars, \$message)
      || ThrowTemplateError($template->error());

    MessageToMTA($message);
  }

  $dbh->bz_commit_transaction;
}

###############################################################################
# Live code (not subroutine definitions) starts here
###############################################################################

my $cgi = Bugzilla->cgi;

# Delete credentials before logging in in case we are in a sudo session.
$cgi->delete('Bugzilla_login', 'Bugzilla_password') if ($cgi->cookie('sudo'));
$cgi->delete('GoAheadAndLogIn');

# First try to get credentials from cookies.
my $user = Bugzilla->login(LOGIN_OPTIONAL);

if (!$user->id) {

  # Use credentials given in the form if login cookies are not available.
  $cgi->param('Bugzilla_login',    $cgi->param('old_login'));
  $cgi->param('Bugzilla_password', $cgi->param('old_password'));
}
Bugzilla->login(LOGIN_REQUIRED);

my $save_changes = $cgi->param('dosave');
$vars->{'changes_saved'} = $save_changes;

my $current_tab_name = $cgi->param('tab') || "settings";

# The SWITCH below makes sure that this is valid
trick_taint($current_tab_name);

$vars->{'current_tab_name'} = $current_tab_name;

my $token = $cgi->param('token');
check_token_data($token, 'edit_user_prefs') if $save_changes;

# Do any saving, and then display the current tab.
SWITCH: for ($current_tab_name) {

  # Extensions must set it to 1 to confirm the tab is valid.
  my $handled = 0;
  Bugzilla::Hook::process(
    'user_preferences',
    {
      'vars'       => $vars,
      save_changes => $save_changes,
      current_tab  => $current_tab_name,
      handled      => \$handled
    }
  );
  last SWITCH if $handled;

  /^account$/ && do {
    SaveAccount() if $save_changes;
    DoAccount();
    last SWITCH;
  };
  /^settings$/ && do {
    SaveSettings() if $save_changes;
    DoSettings();
    last SWITCH;
  };
  /^email$/ && do {
    SaveEmail() if $save_changes;
    DoEmail();
    last SWITCH;
  };
  /^permissions$/ && do {
    DoPermissions();
    last SWITCH;
  };
  /^saved-searches$/ && do {
    SaveSavedSearches() if $save_changes;
    DoSavedSearches();
    last SWITCH;
  };
  /^apikey$/ && do {
    SaveApiKey() if $save_changes;
    DoApiKey();
    last SWITCH;
  };

  ThrowUserError("unknown_tab", {current_tab_name => $current_tab_name});
}

delete_token($token) if $save_changes;
if ($current_tab_name ne 'permissions') {
  $vars->{'token'} = issue_session_token('edit_user_prefs');
}

# Generate and return the UI (HTML page) from the appropriate template.
print $cgi->header();
$template->process("account/prefs/prefs.html.tmpl", $vars)
  || ThrowTemplateError($template->error());
